Update To 11.40.268.0

[platform/framework/web/crosswalk.git] / src / content / browser / webui / url_data_manager_backend.cc

diff --git a/src/content/browser/webui/url_data_manager_backend.cc b/src/content/browser/webui/url_data_manager_backend.cc
index cda08bb..9e12864 100644 (file)
--- a/src/content/browser/webui/url_data_manager_backend.cc
+++ b/src/content/browser/webui/url_data_manager_backend.cc
@@ -90,6 +90,19 @@ void URLToRequestPath(const GURL& url, std::string* path) {
     path->assign(spec.substr(offset));
 }
 
+// Returns a value of 'Origin:' header for the |request| if the header is set.
+// Otherwise returns an empty string.
+std::string GetOriginHeaderValue(const net::URLRequest* request) {
+  std::string result;
+  if (request->extra_request_headers().GetHeader(
+          net::HttpRequestHeaders::kOrigin, &result))
+    return result;
+  net::HttpRequestHeaders headers;
+  if (request->GetFullRequestHeaders(&headers))
+    headers.GetHeader(net::HttpRequestHeaders::kOrigin, &result);
+  return result;
+}
+
 }  // namespace
 
 // URLRequestChromeJob is a net::URLRequestJob that manages running
@@ -106,14 +119,12 @@ class URLRequestChromeJob : public net::URLRequestJob,
                       bool is_incognito);
 
   // net::URLRequestJob implementation.
-  virtual void Start() OVERRIDE;
-  virtual void Kill() OVERRIDE;
-  virtual bool ReadRawData(net::IOBuffer* buf,
-                           int buf_size,
-                           int* bytes_read) OVERRIDE;
-  virtual bool GetMimeType(std::string* mime_type) const OVERRIDE;
-  virtual int GetResponseCode() const OVERRIDE;
-  virtual void GetResponseInfo(net::HttpResponseInfo* info) OVERRIDE;
+  void Start() override;
+  void Kill() override;
+  bool ReadRawData(net::IOBuffer* buf, int buf_size, int* bytes_read) override;
+  bool GetMimeType(std::string* mime_type) const override;
+  int GetResponseCode() const override;
+  void GetResponseInfo(net::HttpResponseInfo* info) override;
 
   // Used to notify that the requested data's |mime_type| is ready.
   void MimeTypeAvailable(const std::string& mime_type);
@@ -152,13 +163,17 @@ class URLRequestChromeJob : public net::URLRequestJob,
     send_content_type_header_ = send_content_type_header;
   }
 
+  void set_access_control_allow_origin(const std::string& value) {
+    access_control_allow_origin_ = value;
+  }
+
   // Returns true when job was generated from an incognito profile.
   bool is_incognito() const {
     return is_incognito_;
   }
 
  private:
-  virtual ~URLRequestChromeJob();
+  ~URLRequestChromeJob() override;
 
   // Helper for Start(), to let us start asynchronously.
   // (This pattern is shared by most net::URLRequestJob implementations.)
@@ -202,6 +217,10 @@ class URLRequestChromeJob : public net::URLRequestJob,
   // If true, sets the "Content-Type: <mime-type>" header.
   bool send_content_type_header_;
 
+  // If not empty, "Access-Control-Allow-Origin:" is set to the value of this
+  // string.
+  std::string access_control_allow_origin_;
+
   // True when job is generated from an incognito profile.
   const bool is_incognito_;
 
@@ -293,6 +312,12 @@ void URLRequestChromeJob::GetResponseInfo(net::HttpResponseInfo* info) {
                            mime_type_.c_str());
     info->headers->AddHeader(content_type);
   }
+
+  if (!access_control_allow_origin_.empty()) {
+    info->headers->AddHeader("Access-Control-Allow-Origin: " +
+                             access_control_allow_origin_);
+    info->headers->AddHeader("Vary: Origin");
+  }
 }
 
 void URLRequestChromeJob::MimeTypeAvailable(const std::string& mime_type) {
@@ -432,11 +457,11 @@ class ChromeProtocolHandler
         is_incognito_(is_incognito),
         appcache_service_(appcache_service),
         blob_storage_context_(blob_storage_context) {}
-  virtual ~ChromeProtocolHandler() {}
+  ~ChromeProtocolHandler() override {}
 
-  virtual net::URLRequestJob* MaybeCreateJob(
+  net::URLRequestJob* MaybeCreateJob(
       net::URLRequest* request,
-      net::NetworkDelegate* network_delegate) const OVERRIDE {
+      net::NetworkDelegate* network_delegate) const override {
     DCHECK(request);
 
     // Check for chrome://view-http-cache/*, which uses its own job type.
@@ -477,7 +502,7 @@ class ChromeProtocolHandler
         GetURLDataManagerForResourceContext(resource_context_), is_incognito_);
   }
 
-  virtual bool IsSafeRedirectTarget(const GURL& location) const OVERRIDE {
+  bool IsSafeRedirectTarget(const GURL& location) const override {
     return false;
   }
 
@@ -578,6 +603,15 @@ bool URLDataManagerBackend::StartRequest(const net::URLRequest* request,
   job->set_send_content_type_header(
       source->source()->ShouldServeMimeTypeAsContentTypeHeader());
 
+  std::string origin = GetOriginHeaderValue(request);
+  if (!origin.empty()) {
+    std::string header =
+        source->source()->GetAccessControlAllowOriginForOrigin(origin);
+    DCHECK(header.empty() || header == origin || header == "*" ||
+           header == "null");
+    job->set_access_control_allow_origin(header);
+  }
+
   // Look up additional request info to pass down.
   int render_process_id = -1;
   int render_frame_id = -1;
@@ -693,11 +727,11 @@ class DevToolsJobFactory
   // |is_incognito| should be set for incognito profiles.
   DevToolsJobFactory(content::ResourceContext* resource_context,
                      bool is_incognito);
-  virtual ~DevToolsJobFactory();
+  ~DevToolsJobFactory() override;
 
-  virtual net::URLRequestJob* MaybeCreateJob(
+  net::URLRequestJob* MaybeCreateJob(
       net::URLRequest* request,
-      net::NetworkDelegate* network_delegate) const OVERRIDE;
+      net::NetworkDelegate* network_delegate) const override;
 
  private:
   // |resource_context_| and |network_delegate_| are owned by ProfileIOData,